How To Automate Cyber Threat Intel With Graylog and Greynoise. Auto Detect Malicious IPs!

preview_player
Показать описание
Join me as we continue on to Phase 8 of the World's Best SIEM Stack Series, enriching our Firewall logs with Threat Intel provided by Greynoise's API!

  1. Taylor Walton
Рекомендации по теме
What is SOAR 0:07:16

What is SOAR (Security, Orchestration, Automation & Response)

Cybersecurity Threat Hunting 0:06:51

Cybersecurity Threat Hunting Explained

Automation and Scripting 0:03:09

Automation and Scripting - SY0-601 CompTIA Security+ : 2.3

I Made a 0:21:27

I Made a Custom Threat Intel Feed (Connecting Apps with n8n)

AI in Cybersecurity 0:06:19

AI in Cybersecurity

SOAR Use Case 0:05:47

SOAR Use Case | Automated Threat Hunting with Security Automation

How To Automate 0:26:14

How To Automate Cyber Threat Intel With Graylog and Greynoise. Auto Detect Malicious IPs!

I AUTOMATED a 0:17:24

I AUTOMATED a Penetration Test!?

Sqlninja - Breaking 0:00:23

Sqlninja - Breaking into Databases with SQL Injection #Sqlninja #SQLInjection #DatabaseSecurity

Automating Threat Hunting 0:20:32

Automating Threat Hunting on the Dark Web and other nitty-gritty things | SANS Cyber Defense Forum

Finding the Balance 0:39:44

Finding the Balance in Security Automation - SANS Threat Hunting Summit 2018

Key Tactics for 0:59:35

Key Tactics for Automating Security Operations

Security Operations Center 0:05:47

Security Operations Center (SOC) Explained

Threat Intelligence - 0:10:46

Threat Intelligence - SY0-601 CompTIA Security+ : 1.5

Security Orchestration, Automation 0:02:00

Security Orchestration, Automation and Response: the three actions that really count

What's next in 0:00:45

What's next in cybersecurity automation?

SIEM, EDR, XDR, 0:08:58

SIEM, EDR, XDR, MDR & SOAR | Cybersecurity Tools and Services | Threat Monitoring

Hacking your SOEL: 0:36:23

Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018

I did 100s 0:05:23

I did 100s of Cyber Security interviews and I learned this

STRIDE Threat Modeling 0:21:49

STRIDE Threat Modeling for Beginners - In 20 Minutes

Security in 2023 0:23:54

Security in 2023 and Beyond: Automation, Analytics and Architecture

Security Orchestration Automation 0:08:13

Security Orchestration Automation & Response (SOAR)

Companies turn to 0:01:25

Companies turn to AI and automation to fight cyber threats

Using Security Automation 0:51:20

Using Security Automation to Organize your Cyber Threat Intelligence Knowledge with OpenCTI

Комментарии
Автор

This series is pure gold. Thank you very much for investing a lot of time making it ! 🍻

Foxi
Автор

Apparently this is no longer functional using Community API keys. This is the message I get in Graylog version 6.0.0:
"Cannot perform lookup without a GreyNoise Enterprise subscription. Check API key and restart Data Adapter."

Bobtb
Автор

can't use Greynoise free anymore :( Graylog asking for the subscription one

carlitoang
Автор

It so awesome Taylor!
The current community plan of Greylog just allow to do 50 IP lookup per week. I looked prices the basic plan costs $27, 000 dlls/year, definitly I can't pay it, it's to much for me :C I hate to be poor lol

luismontoya
Автор

hello my bro nice to meet u, i hope u are well, could you help me a create input office 365 audit logs on graylog please i have version 4.2

gguestdub
Автор

is it possible to the same with OpenSearch instead of Graylog?

MsRope
Автор

Hi Taylor ! I would like to work for you in SOCFortress

miguelsaiz
Автор

Great Video and great Series Taylor!

I wonder about the Intel Enrichment part. On your original Plan you used Misp & OpenCti, have u now changed both into Graynoise?

eladdolev
Автор

but you can do all of this from within Wazuh and it is rather easy. Then you don't need to spin up another server and another

quikmcw
Автор

So fun! Get to know the secret = Promo_SM!!

townsotolo